Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(189)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/cert/nss_cert_database_unittest.cc

Issue 15315003: Generate unique certificate nicknames on Linux/CrOS. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Update README Created 7 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/cert/cert_database_nss.cc ('K') | « net/cert/cert_database_nss.cc ('k') | net/cert/x509_certificate_nss.cc » ('j') | net/cert/x509_certificate_nss.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/nss_cert_database_unittest.cc
diff --git a/net/cert/nss_cert_database_unittest.cc b/net/cert/nss_cert_database_unittest.cc
index 4f65005fd15f2e81b2c7fe9be303bb06f0a4b826..71275bb4eaeb311dc0149f12ccff5a8a2736e33d 100644
--- a/net/cert/nss_cert_database_unittest.cc
+++ b/net/cert/nss_cert_database_unittest.cc
@@ -938,4 +938,44 @@ TEST_F(CertDatabaseNSSTest, TrustIntermediateCa4) {
EXPECT_EQ(0U, verify_result2.cert_status);
}
+// Importing two certificates with the same issuer and common name, but
wtc 2013/05/22 20:58:45 Could you clarify whether the "common name" is the
+// distinct subject names, should succeed and generate a unique nickname for
+// the second certificate.
wtc 2013/05/22 20:58:45 The test doesn't check the nicknames are different
Ryan Sleevi 2013/05/22 23:20:19 Fixed.
+TEST_F(CertDatabaseNSSTest, ImportDuplicateCommonName) {
+ CertificateList certs =
+ CreateCertificateListFromFile(GetTestCertsDirectory(),
+ "duplicate_cn_1.pem",
+ X509Certificate::FORMAT_AUTO);
+ ASSERT_EQ(1U, certs.size());
+
+ EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size());
+
+ // Import server cert with default trust.
+ NSSCertDatabase::ImportCertFailureList failed;
+ EXPECT_TRUE(cert_db_->ImportServerCert(
+ certs, NSSCertDatabase::TRUST_DEFAULT, &failed));
+ EXPECT_EQ(0U, failed.size());
+ EXPECT_EQ(NSSCertDatabase::TRUST_DEFAULT,
+ cert_db_->GetCertTrust(certs[0], SERVER_CERT));
+
+ CertificateList new_certs = ListCertsInSlot(slot_->os_module_handle());
+ ASSERT_EQ(1U, new_certs.size());
+
+ // Now attempt to issue a different version with the same common name.
wtc 2013/05/22 20:58:45 What does "issue a different version" mean?
Ryan Sleevi 2013/05/22 23:20:19 typo s/issue/import/ s/version/certificate/
+ CertificateList certs2 =
+ CreateCertificateListFromFile(GetTestCertsDirectory(),
+ "duplicate_cn_2.pem",
+ X509Certificate::FORMAT_AUTO);
+ ASSERT_EQ(1U, certs2.size());
+
+ // Import server cert with default trust.
+ EXPECT_TRUE(cert_db_->ImportServerCert(
+ certs2, NSSCertDatabase::TRUST_DEFAULT, &failed));
+ EXPECT_EQ(0U, failed.size());
+ EXPECT_EQ(NSSCertDatabase::TRUST_DEFAULT,
+ cert_db_->GetCertTrust(certs2[0], SERVER_CERT));
+
+ EXPECT_EQ(2U, ListCertsInSlot(slot_->os_module_handle()).size());
+}
+
} // namespace net
« net/cert/cert_database_nss.cc ('K') | « net/cert/cert_database_nss.cc ('k') | net/cert/x509_certificate_nss.cc » ('j') | net/cert/x509_certificate_nss.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698